Computer-based access controls can limit which users or processes may have access to a specific system resource and the type of access permitted. The access decisions in Role-Based Access Control (RBAC) are based on the roles that individual users have as part of an organization. Users take on assigned roles (such as system administrator, project manager, design engineer, or part-time employee, etc.) Access rights are grouped by role name, and the use of resources is restricted to individuals authorized to assume the associated role. For example, a system administrator can access user authentication data for an entire organization, whereas the role of a project manager can be limited to information associated with that particular project, and not to information associated with other projects.
A program or command that is actually running on the computer is referred to as a process. When a process is started on a system, the process uses a part of the available system resources. When more than one process is running, a scheduler that is built into the operating system gives each process its share of the computer's time, based on established priorities.
In Role Based Access Control (RBAC), what is needed is a way to control the priority of the running processes based on roles. For example, a system has two roles: “Security Administration” and “Backup Administration”. A set of authorizations has been assigned to these roles. If there is a requirement to give more priority to the “Security Administration” role, i.e. more priority is to be given to the commands (processes) that a Security Administration executes on the system, then the “Backup Administration” role should be given a lesser priority than the “Security Administration” role. These priorities are required since “Security Administration” commands are considered more important and the person exercising that role needs more priority for his commands then a person exercising the “Backup Administration” role.
What is needed is a way to assign priority of a process in accordance with the role of the person accessing that process. In other words the priority of the process needs to be set based on the role that a user has, i.e. prioritize processes based on the roles with which they are associated. What is needed is a method to assign priority to processes based on roles.